Should we worry about election hacking?
With five days to go until the UK General Election, minds are turning to the strength of the parties' - and country's - cyber defences
With less than a week until the UK General Election takes place, attention is turning towards the danger of cyber criminals or state actors hacking into party, governmental or parliamentary systems, or disrupting the voting system itself.
With similar attacks hitting both the US and French presidential elections, such concerns are founded in reality but does that necessarily mean such an attack is likely? The IT Pro team considers the possibility that our democracy is the next area to be disrupted.
Zach Marzouk: Maybe it's time to change passwords again?
Hacking can be extremely dangerous if electronic voting is in use, as it allows unknown actors to tamper with the internal affairs of a country. The debate over the electronic vote still goes on in some parts of the world, such as Argentina, but what we saw recently in the US should encourage governments to slow down their approach to using technology in a democratic process which should easily be carried out with a pencil and paper.
Hackers can also influence elections by leaking classified information. Will we see Corbyn's private emails leaked or May's texts exposed before 8 June? It remains a possibility. It's not only during the election that we should be worried about the power of technology, either. There needs to be a push for change in the way society addresses dangers such as hacking and threats to privacy.
For example, the UK government is trying to acquire unprecedented powers through the Investigatory Powers Act where telecoms providers may potentially have to allow the government to simultaneously spy on one in 10,000 of their customers at any time. At the same time, are our companies transitioning fast enough to deal with online threats? The recent WannaCry hack doesn't make it seem so, where the NHS and other organisations around the world were put out of action for some time last month.
For now, we can focus on the upcoming election, where we will be able to see how political parties are targeting voters on social media. If you want to help understand who they are targeting then you can download Who Targets Mes Chrome extension to help compile data to get a bigger picture of the situation.
Adam Shepherd: It's about the data, stupid
For the past twelve months, every election or vote has been plagued by hand-wringing over the prospect of the election being hacked'. If you're picturing a villainous Russian in a Balaclava waiting to delete Jeremy Corbyn's name from your ballot and replace it with Paul Nuttall's, then you can rest easy; that's definitely not going to happen. In the UK, votes are cast on paper and counted by hand and no matter how much of an elite cyber-ninja you are, you can't hack paper.
Instead, what people ought to be concerned about is outside forces influencing the election, be it billionaires, big businesses or foreign governments. There are many ways that this can be done - in the US, security experts have accused the Russians of sabotaging Hillary Clinton's campaign by hacking into the DNC's systems and releasing damaging information. In our case, extensive investigation by The Guardian indicates that a cadre of wealthy investors used a combination of big data analytics, micro-targeting and social media advertising to swing the Brexit referendum in their favour.
So, should we be worried? Well, yes and no. The Russians don't appear to have much of a vested interest in the outcome of the General Election, so there's not likely to be a threat there (at least, no more than usual). Similarly, both major parties have committed to following through on Brexit, so the result wouldn't affect Brexit puppetmasters like Robert Mercer or Aaron Banks in that regard.
On the other hand, we should be immensely concerned for the foundations of our democracy in general. There are currently no laws or powers in place to prevent outside investors from meddling in our elections through tools like social media campaigns, and in our current connected age, that creates a huge risk for groups with deep pockets and powerful friends to simply buy their way into power, independent of any oversight or limitations.
So while our current general election appears to be under no immediate threat, the fact remains that we must take a long, hard look at our current campaigning regulations, and the role that tools like social media and big data can play in them.
Jane McCallion: Hacking hearts and minds
When we think about election hacking, we need to realise that the purpose of it is different to any other hacking or online disruption campaign.
While those are motivated by greed, ideology or "lulz", interference in elections using illegal or morally dubious methods is motivated by the same thing as any political campaign: winning hearts and minds.
Hacking the DNC servers in the USA made Hillary Clinton look weak and shady to Trump supporters, Bernie-or-Busters, and swing voters. Hacking the Macron campaign in France was a (weak and ineffective) attempt to bolster Marine Le Pen's campaign against the liberal, pro-European centrist who ultimately took the Elyse Palace. In both cases, the data itself was almost incidental.
So what about the UK? Well, if nothing else, the very short lead time on this General Election hasn't left much room for hacks and cyber campaigns. What's more, until the last few days it seemed that the Conservatives would build on their existing majority in the Commons. While that's no longer a given, it's too late to put together a surprise hack and leak.
There's also an argument that the important election, from a global political point of view, already happened last June. With the two largest parties pledging to deliver Brexit either way, there's little to be gained through any overt or covert manipulation campaigns.
So while a bombshell data leak on 7 June could prove me wrong, I sincerely doubt there's any sensational surprise in the pipeline.
Dale Walker: Hacking serves as a great political sound bite
The sad truth is that hacking has become as much a part of the daily news cycle as the sporting columns or latest goings on in Westminster. The UK public has become numb to headlines of record data thefts or services being knocked offline, and it's fair to say that no one would be surprised to hear that our voting system was being targeted.
This is partly because cyber-attacks, at least from the public's perspective, appear at random Debenhams Flowers one week, and the NHS the next. The only shock' in all of this is how far the criminals are willing to go, as if they are testing defences and scoring bragging rights. And there is no bigger prize up for grabs than the upcoming General Election.
Politicians are doing their best to remind the public of the threat. Even Tim Farron, representing a party with little hope of election success, has made investing in cyber security, particularly for the ailing NHS, a key part of his campaign. While it's true we are in dire need of IT modernisation throughout our services, it blows the threat out of proportion in an attempt to win over a voting public that wants something anything to be done about cyber crime.
Yet outside the general prevailing threat against our IT services, either as an attempt to exert political influence or as a vanity project for some unknown hacking group, it's unlikely that any international criminal network cares which way the vote will go it just doesn't exert the same influence as, say, a US presidential election. And even if there are reports of voter hacking, as was the case with electronic voting in the US, its potential impact is likely to be miniscule - we won't be seeing the BNP suddenly taking a majority in the Commons.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now